A new form of #Facebook #Spam | #Trojan | #Virus (posing as plugin installer) #CyberSecurity

People, there is a new attack site or link (originated from Facebook) with the following pattern  (emphasize on point 3 below, posing as Flash or other Plugin installer):

  1. It is posted on your friend feed because one or more of your friend's PC was attacked. (BTW, it may appear on your wall, even if you didn't click - in case the compromised friend of yours has the access to post on your wall. This normally happens through tagging. When the virus posts on your friend's wall, it may also tag you. So it will appear on your wall too. So if you fear that one or some of your friends FB account is compromised, then temporarily disallow him/them to post on your wall from Facebook privacy setting)
  2. Once you click the link, if you're logged-in on Facebook, it will post the same crap from your profile.
  3. You are logged in or not, in either case, it will try to play a video after that, and after a few seconds, it will say
    "Plug-in not installed, click to install plugin" - or something similar.
    It looks something similar, when your browser doesn't have Flash player installed.
  4. When you click this, it'll download and try to install an exe file which is actually some sort of Trojan | virus.

Please don't fall into their trap, this will compromise the security of your computer & may potentially compromise security of your friends' & colleges' computer.  So, don't click on crappy link | image | video on Facebook and be safe. If any link asks you to install a plugin, make sure it's from a valid & secure source. For example: Always install Flash player directly from adobe.com

I've made a habit of myself in tracking and reporting these types of spams & viruses.

However, you may or may not have the sufficient technical expertise for this. So if you are doubtful about a link, posted on your Facebook wall or Friend's feed, contact an expert you know to test the link's validity.

If you have to check for yourself, don't click, follow the instructions below:

  1. Right click on the link or video or image.
  2. From browser context menu, select COPY LINK. (depending on the browser you are using, the context menu may be a little different, but you'll know when you see it)
  3. Paste the link to a different browser. Of course first make sure you or someone else is not logged-in on Facebook from that browser. Just visit Facebook home page to make sure. Only then visit the concerned link.

 

BTW, there is an easy way to see if some video | photo | link is a valid Facebook video | photo | link (not applicable for mobile browser). Just take your mouse pointer over the video | photo | link after the page is completely loaded, and look at your browser's status bar. (If you have no idea what a status bar is, look at the bottom left corner of your browser).

If the link is something like:

www.facebook.com/-----

http://www.facebook.com/-----

https://www.facebook.com/-----

Then, most likely it is OK (with one exception though: If it takes you to a Facebook application page, and that application is asking permission for full access to your Facebook account, then you should be concerned about it)

If your status bar shows a link other than Facebook, (even though it is presenting itself as a Facebook video or photo) then avoid it. However, if the external site's link is something familiar, like YouTube, Google, BBC, CNN etc. then no problem. But make sure, it is a familiar site and not a trap.

 

For example, This is a YouTube link example:

www.youtube.com/watch?v=blah_blah_blah

But, this is not (TRAP!!!):

www.YouTube.attack-site.com/watch?v=blah_blah_blah

Be careful and be safe & secure :)

6 comments on “A new form of #Facebook #Spam | #Trojan | #Virus (posing as plugin installer) #CyberSecurity”

    1. Well, I suppose there is no simple answer for this question. Since, each case of virus .exe will be different from others.

      Your best action is to Google with the specific file name for that virus .exe file and look for particular solution for that virus & then scan the entire computer with a good anti-virus software.

  1. just make a system restore.. or run msconfig then uncheck those virus on startup tab..coz most viruses are running on startup method.. or much better to look for the directory of that virus then delete the file..=)

  2. Cool information about facebook virus attacks! I've noticed many times that videos are posted on my wall from my friends and when I ask them about video they said NO I didn't post any video :( Anyways Thanks for informing us to stay safe from these kind of videos or links. One thing more I want to add in this post please Install Norton app for scan your wall on daily basis. I'm using it and its very important if you want to stay safe. As you said temporary disallow your friends who are posting videos/links.

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use the following HTML tags and attributes, but please be nice:

<a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>